Cyber Security R&D
Opening Statement By Chairman Daniel Lipinski
Good morning. Welcome to this Research and Science Education Subcommittee hearing on cyber security research and development.
Information technology is an integral part of our daily lives. Computers, cell phones, and the Internet have greatly increased our productivity and connectivity. Unfortunately, this connectivity and the dependence of our critical infrastructures on information technologies have increased our vulnerability to cyber attacks. For example, last year the Pentagon reported more than 360 million attempts to break into its networks. Just two weeks ago, a cyber attacker accessed the design plans for the $300 billion Joint Strike Fighter project.
But it’s not just the Pentagon that needs to worry about cyber security. Cybercrime is a problem for businesses large and small, and for every single American. The FTC estimates that identity theft costs consumers about $50 billion annually, and that even more alarmingly, it’s the fastest growing type of fraud in the United States. These aren’t just individual criminals. Increasing globalization and the internet means that sophisticated organized crime groups can mine information, selling it both nationally and internationally.
In 2007, nearly 50 million credit card records were taken when cybercriminals broke into computer systems used by the retailer TJ Maxx. Some analysts put the total cost of the breach at over $4 billion, and the stolen card data was used to defraud retailers nation-wide. Wal-mart lost almost $8 million to fraudulent gift cards. Ultimately 11 people were indicted, including three U.S. citizens, two individuals from China, one from Belarus, one from the Ukraine, and one from Estonia. This is what cyber-attacks are about: it’s a world-wide challenge to law enforcement, and it can affect any American.
Improving the security of cyberspace is of the utmost importance and it will take the collective effort of the Federal government, the private sector, our scientists and engineers, and every American to be able to accomplish this.
In order to realize the full benefits of information technology we need advances in cyber security R&D. Cyber threats are constantly evolving and cyber security R&D must evolve in concert through a combination of near term fixes and long-term projects that build a more secure foundation.
People are perhaps the most important part of our IT infrastructure, and according to experts, they are also the ‘weakest link’ in many systems. Better cyber security education for both the general public and for current and future IT professionals is vital. However, there’s still a lot we don’t understand about how humans interact with technology; therefore, more research into the social and behavioral sciences has the potential to significantly improve the security of our IT systems.
Today, we will hear from witnesses who are actively engaged in efforts to improve the security of our digital infrastructure. I look forward to the witnesses providing valuable insight into the challenges we face in tackling this complex issue and the role of cyber security R&D and education in any comprehensive solution.
The Science and Technology Committee has a key role to play in improving cyber security, and to that end, we are holding a series of hearings to examine various aspects of this issue. After we focus today on R&D and education, next week our Subcommittee will hold a joint hearing with the Technology and Innovation Subcommittee to hear how federal agencies are responding to the Administration’s 60-day cyberspace policy review. And later this month, the Technology and Innovation Subcommittee will hold a hearing to assess the efforts of DHS and NIST.
There is no doubt that our use of the internet and other communication networks is continuing to grow and evolve, and that threats from individual hackers, criminal syndicates, and even other governments are growing and evolving too. I am glad that the President is taking an active role, and there is no doubt in my mind that Administration leadership will help better define and prioritize cyber-threats, coordinate the Federal response, and develop effective partnerships with the private sector. As Chairman of this Subcommittee I look forward to working with my colleagues and the Administration to ensure the development of a strong cyber security strategy.
I want to thank all of our witnesses for taking the time to appear before the subcommittee this morning and I look forward to your testimony.
Witnesses
Panel
0 - Mr. Timothy Brown
Vice President and Chief Architect CA Security Management CA Security Management
Download the Witness Testimony
0 - Dr. Seymour Goodman
Professor of International Affairs and Computing and Co-Director Georgia Tech Information Security Center Georgia Institute of Technology Georgia Tech Informati
Download the Witness Testimony
0 - Ms. Liesyl Franz
Vice President Information Security and Global Public Policy TechAmerica Information Security and Global Public Policy TechAmerica
Download the Witness Testimony
0 - Dr. Anita D’Amico
Director Secure Decisions Division Applied Visions, Inc. Secure Decisions Division Applied Visions, Inc.
Download the Witness Testimony
0 - Dr. Fred Schneider
Samuel B. Eckert Professor of Computer Science Department of Computer Science Cornell University Department of Computer Science Cornell University
Download the Witness Testimony